The following is a press release from HHS. It is an update to a 2016 hacking incident previously covered on this site. The incident also resulted in a class action lawsuit that was settled for $6 million in 2019. February 02, 2023 Today, the U.S. Department of Health and Human Services’ Office for Civil Rights…
Category: Commentaries and Analyses
North Korean hackers stole research data in two-month-long breach
Bill Toulas reports: A new cyber espionage campaign dubbed ‘No Pineapple!’ has been attributed to the North Korean Lazarus hacking group, allowing the threat actors to stealthily steal 100GB of data from the victim without causing any destruction. The campaign lasted between August and November 2022, targeting organizations in medical research, healthcare, chemical engineering, energy,…
Members of Congress Call for IRS to Investigate Tax Companies Sharing Data with Facebook
Members of Congress Call for IRS to Investigate Tax Companies Sharing Data with Facebook The Markup revealed the companies’ practices last year By: Colin Lecher and Simon Fondrie-Teitler Three congressional Democrats are demanding that the Internal Revenue Service investigate tax preparation companies for sharing sensitive taxpayer data with Facebook after The Markup revealed the practice…
Hackers are using this new trick to deliver their phishing attacks
Danny Palmer reports: Cyber criminals are using uniquely crafted phishing emails to infect victims with malware — and they’re doing so by experimenting with a new method of delivering the malicious payload. According to analysis by Proofpoint, there’s been a rise in cyberattackers attempting to deliver malware using OneNote documents, a digital notebook signified by .one extensions that is part…
Acuity Brands allegedly failed to protect employee info during data breaches – lawsuit
Jessy Edwards reports on litigation stemming from breaches previously noted on this site. Acuity Brands was negligent in its data security, leading to two data breaches that exposed as many as 37,000 people’s personal information to hackers, a new class action lawsuit alleges. Plaintiffs Andrew Smith and Mackenzie Fairfield—both former employees of the lighting company—filed…
Ie: HSE patients startled to get alerts about personal info stolen by hackers
Reminder: If you are first sending out data breach notification letters two years after the breach, you might want a public announcement or media campaign to alert the public that letters are going out. Daire Fitton reports: People across Cork have raised concerns with the HSE after suddenly receiving letters about their leaked personal information…